> Quoting Riccardo Facchetti (fizban@tin.it):
>
> > Machine
> > completely unusable ... BIOS destroyed ... return to the shop.
> >
> > So read the documentation, it save your ass :)
>
> Yes. So: Nobody sane working on a box that *might* be taken over
> should enable such settings at compile time. He/she won't even
> be able to reboot if someone became root (by a yet unknown
> attack that might even pass a firewall).
That would just be a delay tactic. As root an attacker could (among other
things...) compile/install a kernel with the required support, or even
easier, use a short C program to write trash to the BIOS eprom directly.
If root is broken into all bets are off.
Cheers,
Rafael
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/